@alanc profile picture
Alan Coopersmith @alanc@hachyderm.io @alanc

Solaris Engineer at Sun^H^H^HOracle (Release management, Security, X11, GNOME); former board member of @XorgFoundation & @OpenSolaris. pronoun.is/he

Joined May 2007
  • Tweets 10,717
  • Following 933
  • Followers 2,004
278 Photos and videos
I'm not ready to give up on twitter, but enough of the people I care about following here have joined Mastodon to make it interesting to me to do so as well, so I'm now in the fediverse at fosstodon.org/web/@alanc.

Alan Coopersmith (@alanc@fosstodon.org)

1.69K Posts, 286 Following, 34 Followers · Solaris Engineer at Sun^H^H^HOracle (Release management, Security, X11, GNOME); former board member of X.Org Foundation & OpenSolaris. http://pronoun.is/he

fosstodon.org
2
1
11
Alan Coopersmith @alanc@hachyderm.io retweeted
Björkus 'No time_t to Die' Dorkus@__phantomderp
1 Nov 2024
OooOOooOooo, happpy halloooweeeeeen!!
Robert C. Seacord (@rcs@hachyderm.io)@RCS
1 Nov 2024
C23 appears to have been published: iso.org/standard/82075.html I sort of expected to get a formal notification of some kind, but ¯\_(ツ)_/ Thanks to everyone who contributed to this effort over the past decade or so, particularly our editors @__phantomderp and Freek Wiedijk.
2
9
104
4,454
Alan Coopersmith @alanc@hachyderm.io retweeted
Robert C. Seacord (@rcs@hachyderm.io)@RCS
1 Nov 2024
C23 appears to have been published: iso.org/standard/82075.html I sort of expected to get a formal notification of some kind, but ¯\_(ツ)_/ Thanks to everyone who contributed to this effort over the past decade or so, particularly our editors @__phantomderp and Freek Wiedijk.

ISO/IEC 9899:2024

Information technology — Programming languages — C

iso.org
4
35
175
12,524
Alan Coopersmith @alanc@hachyderm.io retweeted
Molly White
@molly0xFFF
30 Oct 2024
A commenter at Citation Needed suggested I have not adequately explained why I support Kamala Harris, and why I believe it is absolutely critical that everyone who can vote comes out to vote for her. In case I have indeed not been clear, here is my response. PLEASE vote.
Although America is facing a choice between two imperfect candidates, the choice between imperfection and fascism is clear. Harris believes in democracy. Her policy positions on topics including strong protections around reproductive rights, increased accessibility to healthcare, and how taxes should be distributed across income classes more closely align with my own. We do not agree on everything — her support for Israel, her relatively weak statements on supporting the transgender community, some of her history when it comes to police and prison reform are just a few examples of where we diverge. However, I am a pragmatist, and Harris’s shortcomings pale in comparison to Trump’s. Once Harris is elected, I believe she is far more likely to listen to the people she serves than her opponent, and I think our chances of influencing her actions on the topics where we diverge are far higher than with Trump. The starting point is also vastly different — for example, where Harris has been wea

ALT Although America is facing a choice between two imperfect candidates, the choice between imperfection and fascism is clear. Harris believes in democracy. Her policy positions on topics including strong protections around reproductive rights, increased accessibility to healthcare, and how taxes should be distributed across income classes more closely align with my own. We do not agree on everything — her support for Israel, her relatively weak statements on supporting the transgender community, some of her history when it comes to police and prison reform are just a few examples of where we diverge. However, I am a pragmatist, and Harris’s shortcomings pale in comparison to Trump’s. Once Harris is elected, I believe she is far more likely to listen to the people she serves than her opponent, and I think our chances of influencing her actions on the topics where we diverge are far higher than with Trump. The starting point is also vastly different — for example, where Harris has been wea

36
65
544
27,829
Alan Coopersmith @alanc@hachyderm.io retweeted
Open Source Security mailing list@oss_security
29 Oct 2024
CVE-2024-9632: X.Org X server and Xwayland: Heap-based buffer overflow privilege escalation in _XkbSetCompatMap openwall.com/lists/oss-secur…
2
3
572
Alan Coopersmith @alanc@hachyderm.io retweeted
Captain j@Captainj310
24 Oct 2024
4
47
173
3,660
Alan Coopersmith @alanc@hachyderm.io retweeted
Bryan Steele 🦋@canadianbryan
18 Oct 2024
H. Ye and H. Hu, "Too Subtle to Notice: Investigating Executable Stack Issues in Linux Systems" ("BADASS") huhong789.github.io/papers/y… [OpenBSD's been calling out the Linux antipattern that is PT_GNU_STACK for years..] x.com/canadianbryan/status/1…

Bryan Steele 🦋@canadianbryan
13 Jul 2023
Linux has a tendency toward introducing dangerous antipatterns to the ecosystem, the comparison Theo makes to executable-stacks is a real one, and keeps being repeated. news.ycombinator.com/item?id…
6
17
1,503
Alan Coopersmith @alanc@hachyderm.io retweeted
Steve Christey Coley, BS 🐀@SushiDude
29 Sep 2024
25 years ago on Sep 29, 1999, MITRE announced the CVE Initiative. There's too much to say, so I'll be brief. CVE was not possible without a concerted, mostly-voluntary, community-wide effort. It's accomplished a lot, but it's daunting to see how much still needs to be done...
3
16
43
7,470
Alan Coopersmith @alanc@hachyderm.io retweeted
Steve Weis@sweis
26 Sep 2024
Google post on "Eliminating Memory Safety Vulnerabilities at the Source" shows how transitioning to memory safe code dropped memory vulnerabilities from 76% to 24% on Android over 6 years: security.googleblog.com/2024…

Eliminating Memory Safety Vulnerabilities at the Source

Posted by Jeff Vander Stoep - Android team, and Alex Rebert - Security Foundations Memory safety vulnerabilities remain a pervasive threa...

security.googleblog.com
1
13
20
3,336
Alan Coopersmith @alanc@hachyderm.io retweeted
Peter Tribble@ptribble
18 Sep 2024
Think that running Solaris means you're stuck with an ancient version of Java? Think again: 
pkgs.tribblix.org/openjdk/#illumos #solaris #openjdk
7
20
627
Alan Coopersmith @alanc@hachyderm.io retweeted
Andrew Watkins 🇪🇺🇬🇧@awatkins1966
17 Sep 2024
Replying to @Oracle
@Oracle #Solaris has obsoleted Python 3.7. But I still need it - what do I do? blogs.oracle.com/solaris/pos…

Oracle Solaris has obsoleted Python 3.7. But I still need it – what do I do?

This blog post explains what to do if you want to keep Python 3.7 running on Solaris 11.4 beyond SRU 72.

blogs.oracle.com
2
3
200
Today we've released #OracleSolaris 11.4.72, our quarterly feature update. The announcement is at blogs.oracle.com/solaris/pos… , a summary of new features is at blogs.oracle.com/solaris/pos… , and a mastodon thread with some more details is at fosstodon.org/@alanc/1129955… .

Announcing Oracle Solaris 11.4 SRU72

We've just released the Oracle Solaris 11.4 SRU72. It is available via 'pkg update' from the support repository or by downloading the SRU from My Oracle Support Doc ID 2433412.1.

blogs.oracle.com
1
7
21
527
Today is Oracle's quarterly Critical Patch Update release day, so for #OracleSolaris we have released updates for 11.4 & patches for 10. For info on 11.4 SRU 71, see blogs.oracle.com/solaris/pos… .

Announcing Oracle Solaris 11.4 SRU71

We've just released the Oracle Solaris 11.4 SRU71. It is available via 'pkg update' from the support repository or by downloading the SRU from My Oracle Support Doc ID 2433412.1.

blogs.oracle.com
1
7
20
537
For info on the security fixes in those releases, see the Oracle Systems Risk Matrix in the July 2024 CPU Bulletin at oracle.com/security-alerts/c… and the Oracle Solaris Third Party Bulletin for July 2024 at oracle.com/security-alerts/b… .
1
5
236
Alan Coopersmith @alanc@hachyderm.io retweeted
Andrew Watkins 🇪🇺🇬🇧@awatkins1966
16 Jul 2024
#Oracle #Solaris 11.4.71.170.2) (@OracleSolaris SRU 71.170.2) New: old libffi 3.2.1 (back temporarily) Updates: Unbound, httpd, Jinja2, git, libarchive, PHP, FF, TB Security: python, gnu-indent Bugs fixes:31 EOF: n/a CVEs: 52
1
5
9
453
Alan Coopersmith @alanc@hachyderm.io retweeted
Ben Hart The Star Wars Guy 💫@BenHartWithNoE
12 Jul 2024
And to prove their commitment to realism, Marvel hired the oldest actor they could find to play the President of the United States.
159
3,320
91,575
1,334,479
Alan Coopersmith @alanc@hachyderm.io retweeted
Lisa Forte@LisaForteUK
12 Jul 2024
Yep 😂😬
9
30
295
36,979
Alan Coopersmith @alanc@hachyderm.io retweeted
Association for Computing Machinery@TheOfficialACM
11 Jul 2024
"I decided to write my own version of Unix V7 so students could learn all about it and study the operating system code." Watch Andrew S. Tanenbaum, recipient of the 2023 ACM Software System Award, talk abt the origin of MINIX and its long-lasting impact: youtu.be/mHqX6aXh5Fc
1
55
143
7,371
Alan Coopersmith @alanc@hachyderm.io retweeted
Cloudflare
@Cloudflare
9 Jul 2024
The RADIUS protocol is commonly used to control admin access to networking gear. Today, Cloudflare and a team of researchers are disclosing a vulnerability in RADIUS based on its outdated use of MD5. Learn more: cfl.re/3xNIoBw

RADIUS/UDP vulnerable to improved MD5 collision attack

The RADIUS protocol is commonly used to control administrative access to networking gear. Despite its importance, RADIUS hasn’t changed much in decades. We discuss an attack on RADIUS as a case study...

blog.cloudflare.com
1
25
51
10,164
Alan Coopersmith @alanc@hachyderm.io retweeted
Google Open Source@GoogleOSS
9 Jul 2024
🧮 Clang and GCC are introducing the "counted_by" attribute for flexible array members! The new attribute helps compilers know the bounds of a flexible array member, making hardened apps less exploitable. 👀 Learn more ⬇️ goo.gle/3LiaQP1

Bounds Checking Flexible Array Members

Clang and GCC are introducing the "counted_by" attribute to address buffer overflows for flexible array members in C.

opensource.googleblog.com
2
12
1,934
Load more